FortiSIEM
FortiSIEM provides Security Information and Event Management (SIEM) and User and Entity Behavior Analytics (UEBA)
calvinc97
Staff & Editor
Article Id 315372
Description This article describes how to troubleshoot the issue of registering collectors due to a Certificate Issue.
Scope FortiSIEM v7.x+.
Solution

This issue occurs when a Collector fails to register with the Supervisor and produces output such as the following.

In the backend phoenix.log on the Collector:

# tail -f /opt/phoenix/log/phoenix.log

Example from the backend phoenix.log:

2024-05-10T15:59:58.106443+10:00 AZxxxxSiemCol-001 phMonitorAgent[3004]: [PH_HTTP_CLIENT_CURL_ERROR]:[eventSeverity]=PHL_ERROR,[procName]=phMonitorAgent,[fileName]=phHttpClient.cpp,[lineNumber]=971,[infoURL]=https://10.130.124.230:443/phoenix/rest/config/systemConfig,[phLogDetail]=curl error (60) Peer certificate cannot be authenticated with given CA certificates for method: GET

To resolve this issue:

Set up a proper CA-signed certificate for the Collector by following the article below: Technical Note: [Accelops KB] How to set up a proper CA-signed certificate

After setting up the certificate, enable SSL verification by setting 'http_client_verify_peer=yes' in /opt/phoenix/config/phoenix_config.txt on both the Supervisor and the Collector.

Run the curl command below against the Supervisor's FQDN. It should return an output of 'SSL certificate verify ok':

# curl -vv https://<Supervisor-FQDN>

The Collector must then be re-registered using the Supervisor's FQDN for registration to succeed, as shown below:

# phProvisionCollector --add <Org username> <Org user password> <Supervisor-FQDN> <Organization-name> <Collector-name>

OR

For deployments that use the default self-signed TLS certificate and do not wish to install a public CA certificate, make sure that the value of 'http_client_verify_peer' is 'no' in the /opt/phoenix/config/collector_config_template.txt file on the Supervisor and in the /opt/phoenix/config/phoenix_config.txt file on the Collector.

Supervisor node:

# grep http_client_verify_peer /opt/phoenix/config/collector_config_template.txt
http_client_verify_peer=no

Collector node:

# grep http_client_verify_peer /opt/phoenix/config/phoenix_config.txt
http_client_verify_peer=no
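
The checks above can be combined into one triage pass on the Collector. The following POSIX shell script is an added example, not part of the original article or of Fortinet's tooling: it finds curl error (60) entries in phoenix.log, reports whether each failing Supervisor URL uses an IP address or an FQDN, reads http_client_verify_peer, and points to the step of this article that applies. The function names, sample hostnames, addresses and temporary files are assumptions constructed for the example; the log format follows the line shown in this article.

```shell
#!/bin/sh
# Added example (not Fortinet code): triage curl error 60 on a FortiSIEM Collector.

# List each distinct Supervisor host that failed with curl error (60), tagged ip or fqdn.
curl60_hosts() {  # $1 = path to phoenix.log
  grep -F '[PH_HTTP_CLIENT_CURL_ERROR]' "$1" | grep -F 'curl error (60)' |
    sed -n 's|.*\[infoURL]=https://\([^:/,]*\).*|\1|p' | sort -u |
    while read -r host; do
      if printf '%s\n' "$host" | grep -Eq '^[0-9]+(\.[0-9]+){3}$'; then
        echo "$host ip"
      else
        echo "$host fqdn"
      fi
    done
}

# Print the http_client_verify_peer value from a config file ("unset" if absent).
verify_peer() {  # $1 = phoenix_config.txt or collector_config_template.txt
  v=$(sed -n 's/^[[:space:]]*http_client_verify_peer[[:space:]]*=[[:space:]]*//p' "$1" | tail -n 1)
  echo "${v:-unset}"
}

# Map each failing host to the step of the article that applies.
triage() {  # $1 = phoenix.log, $2 = phoenix_config.txt
  vp=$(verify_peer "$2")
  curl60_hosts "$1" | while read -r host kind; do
    case "$vp:$kind" in
      no:*)  echo "$host verify_peer=no: confirm the Supervisor template also has 'no'" ;;
      *:ip)  echo "$host verify_peer=$vp: re-register with the Supervisor FQDN" ;;
      *)     echo "$host verify_peer=$vp: run curl -vv https://$host and check the CA chain" ;;
    esac
  done
}

# Constructed sample input, modelled on the log line in the article (fields shortened).
SAMPLE_DIR=$(mktemp -d)
cat > "$SAMPLE_DIR/phoenix.log" <<'EOF'
2024-05-10T15:59:58+10:00 col-example phMonitorAgent[3004]: [PH_HTTP_CLIENT_CURL_ERROR]:[eventSeverity]=PHL_ERROR,[procName]=phMonitorAgent,[infoURL]=https://192.0.2.10:443/phoenix/rest/config/systemConfig,[phLogDetail]=curl error (60) Peer certificate cannot be authenticated with given CA certificates for method: GET
2024-05-10T16:00:58+10:00 col-example phMonitorAgent[3004]: [PH_HTTP_CLIENT_CURL_ERROR]:[eventSeverity]=PHL_ERROR,[procName]=phMonitorAgent,[infoURL]=https://192.0.2.10:443/phoenix/rest/config/systemConfig,[phLogDetail]=curl error (60) Peer certificate cannot be authenticated with given CA certificates for method: GET
2024-05-10T16:05:00+10:00 col-example phMonitorAgent[3004]: [PH_HTTP_CLIENT_CURL_ERROR]:[eventSeverity]=PHL_ERROR,[procName]=phMonitorAgent,[infoURL]=https://super.example.com:443/phoenix/rest/config/systemConfig,[phLogDetail]=curl error (60) Peer certificate cannot be authenticated with given CA certificates for method: GET
EOF
printf 'http_client_verify_peer=yes\n' > "$SAMPLE_DIR/phoenix_config.txt"
triage "$SAMPLE_DIR/phoenix.log" "$SAMPLE_DIR/phoenix_config.txt"
```

On a real Collector, point triage at /opt/phoenix/log/phoenix.log and /opt/phoenix/config/phoenix_config.txt instead of the sample files.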